Abstract: Storing data on remote cloud storage makes the maintenance affordable by data owners. The
reliability and trustworthiness of these remote storage locations is the main concern for data owners and
cloud service providers. When multiple data owners are involved, the aspects of membership and data
sharing need to be addressed. In this paper, we propose a secure multi-owner data sharing scheme, named
Mona, for dynamic groups in the cloud. By leveraging group signature and dynamic broadcast encryption
techniques, any cloud user can anonymously share data with others.



1. Introduction

Cloud computing is recognized as an alternative to traditional information technology [1] due to its
intrinsic resource-sharing and low-maintenance characteristics. In cloud computing, the cloud service
providers (CSPs), such as Amazon, are able to deliver various services to cloud users with the help of
powerful datacenters. By migrating the local data management systems into cloud servers, users can enjoy
high-quality services and save significant investments on their local infrastructures. To preserve data
privacy, a basic solution is to encrypt data files, and then upload the encrypted data into the cloud [2].
Unfortunately, designing an efficient and secure data sharing scheme for groups in the cloud is not an easy
task due to the following challenging issues. First, identity privacy is one of the most significant obstacles
for the wide deployment of cloud computing. Without the guarantee of identity privacy, users may be
unwilling to join in cloud computing systems because their real identities could be easily disclosed to cloud
providers and attackers. On the other hand, unconditional identity privacy may incur the abuse of privacy.
Second, it is highly recommended that any member in a group should be able to fully enjoy the data storing
and sharing services provided by the cloud, which is defined as the multiple-owner manner. Compared with
the single-owner manner [3], where only the group manager can store and modify data in the cloud, the
multiple-owner manner is more flexible in practical applications.






2. Related Work 



In [4], the authors specified a secure data sharing model, Mona, for dynamic groups in a remote storage. In
Mona, a data owner can share data with others in the group without announcing their identity. Moreover,
Mona supports effective user repudiation and new user registration. More specially, efficient user
repudiation can be attained by a public revocation list without updating the private keys of the remaining
users, and new users can directly decrypt files stored in the cloud before their presence.



In [5], Kallahalla et al. proposed a cryptographic storage system that enables secure file sharing on
untrusted servers, named Plutus. By dividing files into filegroups and encrypting each filegroup with a
unique file-block key, the data owner can share the filegroups with others through delivering the
corresponding lockbox key, where the lockbox key is used to encrypt the file-block keys. However, it brings
about a heavy key distribution overhead for large-scale file sharing. Additionally, the file-block key needs to
be updated and distributed again for a user revocation. Lu et al. [6] proposed a secure provenance scheme,
which is built upon group signatures and ciphertext-policy attribute-based encryption techniques.
Particularly, the system in their scheme is set with a single attribute. Each user obtains two keys after the
registration: a group signature key and an attribute key. Thus, any user is able to encrypt a data file using
attribute-based encryption and others in the group can decrypt the encrypted data using their attribute 
keys. 
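
The Plutus-style lockbox hierarchy described above, and the re-keying cost a revocation triggers, can be modelled as follows. This is an added example, not code from the paper or from Plutus: the `Filegroup` class, the `seal`/`unseal` helpers, the per-file file-block keys, and the HMAC-based stream cipher (a standard-library stand-in for a real cipher such as AES) are all assumptions made for illustration.

```python
import hashlib, hmac, os

def _sub(key, label):
    # Derive independent encryption / MAC keys from one 32-byte key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real cipher such as AES.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(_sub(key, b"enc"), nonce, len(data))))
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or tampered blob")
    return bytes(a ^ b for a, b in zip(ct, _stream(_sub(key, b"enc"), nonce, len(ct))))

class Filegroup:
    """Owner-side state for one filegroup (constructed model, not Plutus code)."""
    def __init__(self, files, members):
        self.plain, self.members = dict(files), set(members)
        self.distributions = 0          # lockbox-key deliveries made so far
        self._rekey()

    def _rekey(self):
        self.lockbox_key = os.urandom(32)
        self.store = {}                 # what the untrusted server holds
        for name, data in self.plain.items():
            fbk = os.urandom(32)        # fresh file-block key
            self.store[name] = (seal(self.lockbox_key, fbk), seal(fbk, data))
        # Every remaining member needs the new lockbox key over a secure channel.
        self.inbox = {m: self.lockbox_key for m in self.members}
        self.distributions += len(self.members)

    def revoke(self, user):
        self.members.discard(user)
        self._rekey()                   # cost grows with files and members

def read(store, lockbox_key, name):
    wrapped_fbk, ct = store[name]
    return unseal(unseal(lockbox_key, wrapped_fbk), ct)
```

Each revocation re-encrypts every file and sends a new lockbox key to every remaining member, which is the overhead the revocation-list approach in Mona is meant to avoid.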

3. Problem Statement 
3.1: Existing System 

To preserve data privacy, a basic solution is to encrypt data files, and then upload the encrypted data into
the cloud. Unfortunately, designing an efficient and secure data sharing scheme for groups in the cloud is
not an easy task.

In the existing system, data owners store the encrypted data files in untrusted storage and distribute the
corresponding decryption keys only to authorized users.

However, the complexities of user participation and revocation in these schemes are linearly increasing
with the number of data owners and the number of revoked users, respectively.

Disadvantages

1. Only the group manager can store and modify data in the cloud.

2. The changes of membership make secure data sharing extremely difficult; the issue of user
revocation is not addressed.



3.2: Proposed System




1. We propose a secure multi-owner data sharing scheme. It implies that any user in the group can
securely share data with others by the untrusted cloud.

2. Our proposed scheme is able to support dynamic groups efficiently. Specifically, new granted users
can directly decrypt data files uploaded before their participation without contacting with data
owners.

3. We provide secure and privacy-preserving access control to users, which guarantees any member in
a group to anonymously utilize the cloud resource.

4. We provide rigorous security analysis, and perform extensive simulations to demonstrate the
efficiency of our scheme in terms of storage and computation overhead.

Advantages

1. Any user in the group can store and share data files with others by the cloud.

2. The encryption complexity and size of ciphertexts are independent of the number of revoked
users in the system.

3. User revocation can be achieved without updating the private keys of the remaining users.

4. System Architecture

5. Modules
1. Cloud Module 

In this module, we create a local Cloud and provide priced abundant storage services. The users can upload 
their data in the cloud. We develop this module, where the cloud storage can be made secure. However, the 
cloud is not fully trusted by users since the CSPs are very likely to be outside of the cloud users' trusted 
domain. Similar to we assume that the cloud server is honest but curious. 



2. Group Manager Module

The group manager takes charge of the following:

1. System parameters generation, 

2. User registration, 

3. User revocation, and 

4. Revealing the real identity of a dispute data owner 



3. Group Member Module 



1. Group members are a set of registered users that will

2. Store their private data into the cloud server and 

3. Share them with others in the group. 

4. File Security 



Encrypting the data file.

File stored in the cloud can be deleted by either the group manager or the data owner.

5. Group Signature Module




A group signature scheme allows any member of the group to sign messages while keeping the identity
secret from verifiers. Besides, the designated group manager can reveal the identity of the signature's
originator when a dispute occurs, which is denoted as traceability.

6. User Revocation Module 

User revocation is performed by the group manager via a publicly available revocation list (RL), based on
which group members can encrypt their data files and ensure the confidentiality against the revoked users.

6. Experimental Results
7. Future Enhancement
8. Conclusion: 



In this paper, we developed a secure multi-owner data sharing protocol for an untrusted cloud.
In this model, a new user can store data on the cloud storage without communicating with all the data
owners. The group key manager grants the key on request to the new data owners directly. The new user
revocation and registration is made simple by allowing the user to communicate with the group key
manager through the revocation policy. The storage overhead and the encryption computation c
varied.